Linked by Thom Holwerda on Mon 3rd Sep 2012 21:53 UTC
OSNews, Generic OSes "After nearly three years of work, I have a pleasure to announce that Qubes 1.0 has finally been released! [...] I would like to thank all the developers who have worked on this project. Creating Qubes OS has been a great challenge, especially for such a small team as ours, but ultimately, I'm very glad with the final outcome - it really is a stable and reasonably secure desktop OS."
Thread beginning with comment 533870
To read all comments associated with this story, please click here.
Rube Goldberg "microkernel"?
by coreyography on Wed 5th Sep 2012 00:02 UTC
coreyography
Member since:
2009-03-06

This sounds like use of a virtual machine monitor (Xen, in this case) to provide separation between applications, some drivers, and other processes, and to run them in an unprivileged mode. Something that things like Minix and most true microkernel OSes do without the VMM ;) .

Is it more secure than Linux chroot? Probably. More secure than FreeBSD jails/UML/<your favorite app virtualization scheme here>? Depends on how secure you think Xen is. It's a fairly substantial amount of code regardless. Unless Qubes can run any general-purpose OS in one of the "appVM"s, I think the effort would probably have been better spent on one of the other technologies mentioned above.

Reply Score: 2